EngineeringLast Updated Jan 22, 202610 min read

Software supply chain: What it is and how to keep it secure

Jacob Schmitt

Jacob Schmitt

Senior Technical Content Marketing Manager

The software supply chain contains all of the tools and dependencies necessary to create, build, and deploy a piece of software. For the end user of an application, the software supply chain is an abstraction. Though it’s invisible to users, the supply chain is a vital concern for software developers — and an enticing target for malicious actors.

The software supply chain consists of code, configurations, proprietary and open source binaries, libraries, plugins, and container dependencies. It also includes building orchestrators and tools such as assemblers, compilers, code analyzers and repositories, security, monitoring, and logging ops tools. In its broadest sense, the software supply chain also encompasses the people, organizations, and processes involved in software development.

In this article, we will look closely at what the software supply chain is, what risks it presents to software producers, and how your organization can take advantage of continuous integration to automate security and compliance checks that can let you take full advantage of the open source ecosystem while mitigating supply chain risks.

Manage change in your ecosystemwith new triggers and permissions controls
Learn More

What is the software supply chain?

Software applications are no longer built entirely from custom code. Instead, they are made up of a complex web of open source components and libraries, most of which inherit functionality from other third-party sources. This chain of dependencies lets developers use their preferred tools and enables teams to ship functional software to their users quickly. It also exposes organizations and their customers to vulnerabilities introduced by changes outside of their direct control.

By default, an organization inherits the software supply chain of all parts of its software.

Because of how big and convoluted the software supply chain can get, risk-averse businesses and governments usually request a software bill of materials (SBOM) that describes a part or most of the supply chain. For example, software vendors working with the federal government are required to provide an SBOM for their projects.

The insistence on SBOM is understandable given that in-house, outsourced, proprietary, or open source software often uses external components. The benefits of developing software this way include expedited development, lower production cost, and reduced time to market, but there is a real threat of bad actors exploiting common vulnerabilities and exposures (CVEs) in those components.

Why is the software supply chain vulnerable to attack?

At its core, the software supply chain is a large, growing, complex, and interconnected system of technology, people, and process touchpoints presenting multiple attack points. Bad actors can use these touchpoints to infiltrate the software supply chain. Software supply chain attacks have more than doubled in recent years, with the majority of organizations reporting at least one incident linked to third-party software or upstream components.

The “technology” touchpoint generally consists of infrastructure, software, and codebases.

Infrastructure vulnerabilities

Infrastructure refers to virtual or physical equipment used to operate software. Infrastructure such as servers, virtual machines, storage, and networking devices are vulnerable to misconfiguration errors that leave critical resources exposed to cyberattacks. The vast majority of organizations are at risk of security breaches due to misconfigured cloud infrastructure.

Software vulnerabilities

Software composed of proprietary code, but more so open source libraries and third-party tools, is vulnerable to inserting malicious code or exploiting bugs in code, orchestrating package dependency confusion, hijacking updates, and undermining code signing processes. Software dependencies, build pipelines, and container images represent the primary attack vectors, accounting for the majority of observed supply chain attack entry points.

Codebase vulnerabilities

Codebases that house these programs can be vulnerable too. Synopsys reports that a significant percentage of commercial code bases containing open source software have components that are behind on user updates by two years or more.

People vulnerabilities

Developers and other people can either maliciously or inadvertently introduce vulnerabilities in the software supply chain. For example, the crossenv typosquatting incident in 2017 was a malicious attack on the npm registry to trick unsuspecting developers into installing a crossenv (instead of cross-env) package that contained malware.

Process vulnerabilities

“Processes” are touchpoints of interest to attackers, especially identity and access management (IAM) processes. Attackers can compromise IAM controls through employees or systems to introduce spyware and ransomware.

AI and the evolving supply chain

As AI becomes foundational to modern software products, the traditional software supply chain is expanding to include new categories of risk. AI systems introduce dependencies that go beyond source code — including models, training datasets, embeddings, and orchestration layers — all of which can influence application behavior as much as traditional code.

AI models as supply chain components

The rapid growth of model repositories has introduced new attack surfaces. Thousands of models are added to platforms like Hugging Face every month, and security researchers have documented significant increases in malicious or unsafe models being distributed through these channels. Organizations must now consider model provenance and safety as part of their supply chain security practices.

From SBOM to AI-BOM

The traditional SBOM model doesn’t fully capture AI-specific supply chain risks. The concept of an AI Bill of Materials (AI-BOM) or ML-BOM is emerging to address this gap, documenting not just software dependencies but also:

  • Model sources and versions
  • Training data provenance
  • Third-party AI services and APIs
  • Embedding sources and vector databases
  • AI orchestration frameworks

NIST’s AI Risk Management Framework explicitly calls for AI-BOMs as part of managing AI-specific risks, acknowledging that traditional software SBOMs don’t capture model-specific vulnerabilities.

Shadow AI risks

Organizations face growing exposure from unauthorized AI usage within their environments. A significant percentage of security breaches now involve AI models or applications, with the majority of affected organizations lacking proper AI access controls. Shadow AI — where employees use unapproved AI tools — introduces unmanaged supply chain dependencies and can significantly increase breach costs.

How to improve software supply chain security

The first step towards securing your software supply chain is to get visibility into the components. Vendors and end-users can do this with an SBOM that lists all third-party components and dependencies within the software you distribute and use.

  • An SBOM provides an overview of what is happening, demonstrates security awareness and license compliance, and can be a guide to the latest advisory affecting components in the software. You can obtain further visibility and security of your software supply chain by adopting various automated vulnerability scanning technologies.
  • Consider creating a dedicated incident response team to provide patches or updates as needed. Make sure that you have well-written failover processes that you regularly and rigorous software testing. It is not enough to scan for or track common vulnerabilities. How quickly and thoroughly you remediate vulnerabilities can make a difference in your level of exposure.
  • Use only trusted repositories and verified sources for suppliers in the chain and perform regular risk assessments of libraries, frameworks, and suppliers. Complement the supplier’s testing with frequent independent tests. As a vendor, you can implement strong IAM policies and controls with the principle of least privilege. Include data governance guidelines to protect your data and infrastructure within your software supply chain.
  • Adopt continuous verification rather than point-in-time compliance checks. Modern supply chain security is shifting toward treating SBOMs as living operational artifacts that are continuously updated, validated, and correlated with runtime behavior. This approach recognizes that periodic validation is no longer sufficient to manage risk at scale.
  • Extend security practices to AI components by inventorying AI models, evaluating model sources, and implementing access controls for AI services. Consider AI-BOM tooling as part of your overall supply chain visibility strategy.

Regulatory landscape

Governments worldwide are strengthening supply chain security requirements. The European Union’s Cyber Resilience Act (CRA) requires software makers to create and maintain SBOMs in a standardized, machine-readable format. The EU AI Act, which took effect in 2025, mandates transparency of training data, risk-mitigation measures, and Safety and Security Model Reports for general-purpose AI models.

Organizations should prepare for increasing regulatory scrutiny around both traditional software supply chain practices and AI-specific requirements.

How to automate supply chain security with CI/CD

The best way to automate the security of your supply chain is with a robust continuous integration and continuous delivery (CI/CD) pipeline. With CircleCI, you can seamlessly integrate application security (AppSec) and development security operations (DevSecOps) tools. These tools check for vulnerabilities from the version control system (VCS) through the build, test, and deployment stages of your pipeline.

At the VCS stage, developers might make the mistake of committing secrets in plain text to a repository, which an attacker can uncover in Git history. CircleCI integrates with your VCS and enables you to scan commits for secrets using relevant orbs, such as the one from GitGuardian. You can securely store and manage your secrets within CircleCI with encrypted-at-rest environment variables or with container-stored contexts for use across projects.

You can fetch your stored secrets from third-party solutions dynamically or commit the encrypted version and keep the decryption tool in a context so that you can execute a decryption job to retrieve the secrets at the build and test stages in your CI/CD pipeline.

At the VCS stage, you can scan and receive advice for remediation on IAM misconfigurations, exposed credentials, and insecure configurations in infrastructure as code (IaC) templates found in your codebase.

At the build stage of your pipeline, run static application security testing (SAST) jobs on your code and open source libraries using relevant orbs. For example, you can use the Snyk orb to scan your codebase for dependency vulnerabilities. If the scan reveals a potential threat in your software supply chain, your build will fail and Snyk will output recommendations for improving the security of your code.

At the deployment stage, you can run dynamic application security testing (DAST) jobs to catch vulnerabilities at runtime in production. Various orbs provide prioritized insights on application code, package dependencies, web APIs, and compliance CVEs based on app behavior.

Conclusion

The interconnectedness of modern businesses, coupled with the increasing rate of change in the software ecosystem, gives bad actors plenty of attack points to target. Software development teams must prevent the exploitation of vulnerabilities as much as possible.

One way to do this is to add automated supply chain security scans at every point of your software delivery process with CI/CD.

Using CircleCI, you can create workflows with jobs that perform vulnerability scans and provide advice on codebases, open source libraries, dependencies, and other third-party tools. You can detect IaC misconfigurations in infrastructure, securely build and deploy artifacts, and validate compliance stipulations in your CI/CD pipeline using a variety of automatic pipeline triggers. As AI components become more prevalent in software, extending these practices to cover models, datasets, and AI services will be essential for comprehensive supply chain security.

To stay ahead of attackers and learn more about adding automated supply chain security to your CI/CD pipeline, get started with a free CircleCI account today.

Similar posts you may enjoy

Zero downtime deployments to Render using CircleCI

Jul 22, 20259 min read
John Abraham

John Abraham

DevOps engineer

Hyperparameter tuning for LLMs using CircleCI matrix workflows

Jun 5, 202512 min read
Muhammad Arham

Muhammad Arham

Senior NLP Researcher

End-to-end testing and deployment of a multi-agent AI system with Docker, LangGraph, and CircleCI

May 29, 202528 min read
Benito Martin

Benito Martin

Data Scientist